General

  • Target: e968e9d9a8adacd744b2c38bb209385edb83876bc28793fb83b321a58c78c7ba
  • Size: 219KB
  • Sample: 240612-ls2b9stfkq
  • MD5: cc42922193f9887848fff8694387336a
  • SHA1: 49d49994dec74e6ab2a4734df63e7d20d3bf780b
  • SHA256: e968e9d9a8adacd744b2c38bb209385edb83876bc28793fb83b321a58c78c7ba
  • SHA512: d3936f338879045f92fce7b17b634a480a0a6f62bbee0d1b39e8a432531524c2d1aade5f188a71a8d5ffb6cdf838c90e2d77e71b7651c1d29b6d6d5af817442c
  • SSDEEP: 3072:12RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhh9K0Kr:10KgGwHqwOOELha+sm2D2+UhngNHK4pY

Score: 8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
  • Pre-OS Boot (T1542): 1
  • Bootkit (T1542.003): 1

Defense Evasion
  • Pre-OS Boot (T1542): 1
  • Bootkit (T1542.003): 1
  • Subvert Trust Controls (T1553): 1
  • Install Root Certificate (T1553.004): 1
  • Modify Registry (T1112): 1

Discovery
  • Software Discovery (T1518): 1
  • Security Software Discovery (T1518.001): 1
  • Query Registry (T1012): 1
  • System Information Discovery (T1082): 1

Tasks